generated from onedr0p/cluster-template
-
Notifications
You must be signed in to change notification settings - Fork 2
/
helmrelease.yaml
45 lines (45 loc) · 1.23 KB
/
helmrelease.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
---
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: &app tetragon
spec:
interval: 15m
chart:
spec:
chart: *app
version: 1.1.0
sourceRef:
kind: HelmRepository
name: cilium
namespace: flux-system
install:
createNamespace: true
remediation:
retries: 5
upgrade:
remediation:
retries: 5
values:
dnsPolicy: Default
tetragon:
exportAllowList: |-
{"event_set":["PROCESS_EXEC", "PROCESS_EXIT", "PROCESS_KPROBE", "PROCESS_UPROBE", "PROCESS_TRACEPOINT"]}
exportDenyList: |-
{"health_check":true}
fieldFilters: |-
{}
# Access Kubernetes API to associate Tetragon events with Kubernetes pods.
enableK8sAPI: true
# enableProcessCred enables Capabilities visibility in exec and kprobe events.
enableProcessCred: true
# enableProcessNs enables Namespaces visibility in exec and kprobe events.
enableProcessNs: true
prometheus:
enabled: true
serviceMonitor:
enabled: true
tetragonOperator:
podInfo:
enabled: true